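/// <summary>
/// Authorization filter entry point. Actions or controllers marked with
/// <see cref="AllowAnonymousAttribute"/> pass straight through; every other request is
/// short-circuited with a "No login or login timeout" result unless <c>SetPrincipal</c>
/// succeeds for it.
/// </summary>
/// <param name="context">Filter context of the action being authorized.</param>
/// <returns>An already-completed task; all work here is synchronous.</returns>
public Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
    // Only controller actions expose MethodInfo/ControllerTypeInfo. Any other descriptor type is
    // treated as "not anonymous", so it goes through the login check below (fail closed) instead
    // of failing with an InvalidCastException from an unchecked downcast.
    var allowAnonymous =
        context.ActionDescriptor is ControllerActionDescriptor ctrl
        && (ctrl.MethodInfo.IsDefined(typeof(AllowAnonymousAttribute))
            || ctrl.ControllerTypeInfo.IsDefined(typeof(AllowAnonymousAttribute)));
    if (allowAnonymous)
    {
        return Task.CompletedTask;
    }

    // Establish the current user; a false result means there is no valid login.
    var user = SetPrincipal(context);
    if (!user)
    {
        // The localizer is only needed on the rejection path, so it is resolved here rather
        // than on every request.
        var requestLocalizer = context.HttpContext.RequestServices
            .GetRequiredService<IStringLocalizer<Request>>();

        // NOTE(review): 203 is a 2xx code. If SetResponseStatusCode copies it onto the HTTP
        // status line, proxies and generic clients will read an unauthenticated request as a
        // success; confirm what existing clients expect before moving this to 401.
        var content = new ApiResult<string>
        {
            Status = 203,
            Msg = requestLocalizer["No login or login timeout"]
        };
        ResponseStatusCode.SetResponseStatusCode(content, context.HttpContext.Response);

        // Set Result instead of writing to the response directly: a non-null Result stops the
        // remaining filters and the action from running, and the framework writes it out.
        // Writing the body here would let the request reach the controller, whose own result
        // would then write to the response a second time and throw.
        context.Result = new ObjectResult(content);
    }

    return Task.CompletedTask;
}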
/// <summary>Rejects the request with a "No permission" result (status 401).</summary>
/// <param name="filterContext">Filter context of the request being rejected.</param>
protected void HandleUnauthorizedRequest(AuthorizationFilterContext filterContext)
{
    var response = filterContext.HttpContext.Response;

    // NOTE(review): 401 conventionally means "not authenticated", while the message says the
    // caller lacks permission (403 territory); confirm which one clients rely on.
    var denied = new ApiResult<String>();
    denied.Status = 401;
    denied.Msg = "No permission";

    ResponseStatusCode.SetResponseStatusCode(denied, response);

    // Assign Result rather than writing to the response directly: a non-null Result stops the
    // remaining filters and the action from running, and the framework writes it out. Writing
    // the body here would let the controller run and throw when its own result writes to the
    // response a second time.
    filterContext.Result = new ObjectResult(denied);
}
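/// <summary>
/// Runs the rest of the pipeline and converts any exception it throws into a JSON
/// <c>ApiResult</c> response, as long as the response has not started yet.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <returns>A task that completes once the request has been handled.</returns>
public async Task InvokeAsync(HttpContext context)
{
    try
    {
        await _next(context);
    }
    catch (Exception e)
    {
        // Record the full exception in the system log.
        XTrace.WriteException(e);

        // Once the response has started, nothing more can be rewritten; writing below would
        // throw as well, so let the original exception propagate.
        if (context.Response.HasStarted)
        {
            throw;
        }

        var data = new ApiResult<String>();
        if (e is ApiException apiexc)
        {
            // Application-defined error: status and message are chosen by the code that threw.
            data.Status = apiexc.Status;
            data.Msg = apiexc.Message;
        }
        else
        {
            // NOTE(review): the raw message of any unexpected exception is returned to the
            // caller. Such messages can carry internal detail (query text, file paths, host
            // names). The exception is already logged above, so consider returning a generic
            // message here once clients no longer depend on the text.
            data.Msg = e.Message;
            data.Status = ResponseStatusCode.GetStatusCode(500);
        }

        ResponseStatusCode.SetResponseStatusCode(data, context.Response);

        // Use the indexer, not Add: Add throws ArgumentException when a downstream component
        // already set Content-Type before failing, which would replace the real error with a
        // second exception raised from inside this handler.
        context.Response.Headers[HeaderNames.ContentType] = "application/json;charset=utf-8";
        await context.Response.WriteAsync(JsonConvert.SerializeObject(data), Encoding.UTF8);
    }
}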